26 to 50 of 242 Incident Response Jobs in the UK excluding London

will require knowledge and understanding of attack and exploitation techniques and adversarial TTP's. Help to provide resilience to our threat monitoring and response capabilities. Handle security incident response with internal teams and other third parties to ensure that the incident response life cycle … Good knowledge and understanding of SOC processes and procedures. Basic experience using SIEM systems such as MS Sentinel, LogRhythm, AlienVault, Splunk Good understanding of incident response stages and handling. Basic knowledge and experience using leading endpoint detection and threat management products and managing their operation. Good knowledge ...

This position offers an exciting opportunity to work in a fast-paced environment, handling cutting-edge technology and complex challenges in cybersecurity. Key Responsibilities: Incident Response (IR): Investigate and respond to security incidents, ensuring rapid containment, eradication, and recovery. Conduct root cause analysis of security breaches and create … detailed incident reports. Collaborate with stakeholders to refine and enhance the incident response plan and playbooks. Security Operations Center (SOC): Monitor and analyse security alerts and logs from various tools such as SIEM, IDS/IPS, and endpoint detection systems. Identify and escalate potential security threats ...

strengthening and evolving their cyber defence capability. This is a high-impact leadership role where you'll own security operations end-to-end , lead incident response, and work closely with the CISO to drive continuous improvement across a mature but evolving cyber function. What you'll be doing … Leading and developing a Cyber Security Operations team Acting as incident commander during cyber events and investigations Maturing SOC, CSIRT and incident response capabilities Driving threat hunting, detection and monitoring improvements Owning vulnerability management and pen test governance Ensuring alignment with ISO27001, NIST, GDPR and regulatory expectations ...

Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

Cyber Security Operations Centre supporting critical national security environments. This is an opportunity to work at the forefront of cyber defence, leading threat detection, incident response, vulnerability management, and continuous improvement of security monitoring capabilities. As a Senior SOC Analyst, you will play a key role in protecting … complex enterprise environments through the management and optimisation of security tooling, threat detection, incident response, and forensic investigations. You will work closely with internal and external stakeholders to enhance SOC capabilities, improve security visibility, and strengthen cyber resilience. Key Responsibilities Maintain and optimise SOC Protect, Detect and Respond ...

opportunity to play a key role in protecting critical systems and services, working alongside security, infrastructure, and cloud teams to enhance security monitoring, incident response, threat detection, and operational resilience. The successful candidate will bring a strong background in cyber security operations, ideally gained within Defence, Government … other highly regulated environments. Responsibilities Support the operation and continual improvement of cyber security monitoring and incident response capabilities. Investigate and manage cyber security incidents, ensuring appropriate containment, remediation, and reporting. Analyse security alerts, events, and threat intelligence to identify potential risks and vulnerabilities. Develop and refine detection ...

Analyst/Senior Cyber Security Specialist to join their growing cyber security function. This is an exciting opportunity for someone with strong incident response and threat detection expertise to work in a fast-paced environment protecting critical systems and infrastructure. The Role As a Level 3 SOC Analyst … analysts Conduct proactive threat hunting activities and identify emerging attack patterns Develop and optimise SIEM detection rules, correlation logic, and automation workflows Improve incident response processes, runbooks, and security operations procedures Analyse security alerts and telemetry to identify threats and vulnerabilities Collaborate with technical teams to strengthen cyber ...

experience. This is a senior, hands-on role working across firewalling, on-premise and cloud security, secure infrastructure, network security, workload segmentation, hardening, monitoring, incident response and security architecture. The environment is highly secure and regulated, with a strong focus on enterprise firewalling, Elastic/Elasticsearch, VMware-based … Server environments, Active Directory, Group Policy and endpoint configurations Implementing, auditing and remediating against CIS Benchmarks, STIGs and security hardening standards Supporting vulnerability management, incident response, root cause analysis and remediation planning Embedding security into DevSecOps/CI/CD practices, including automated security testing and policy ...

across the business. The Role Youll lead day-to-day cyber security operations, working closely with IT and business stakeholders to ensure robust monitoring, incident response, and risk management processes are in place. This is a hands-on role with both operational and strategic elements. Key Responsibilities Overseeing … cyber operations, including threat monitoring and incident response Managing vulnerabilities and supporting remediation activities Supporting the development and delivery of cyber security strategy Collaborating with internal teams and third-party providers Driving awareness, training, and continuous improvement initiatives About You Experience in cyber security operations, SOC, or incident ...

frameworks such as NIST CSF, IEC 62443 and other recognised industry standards. Assess critical network infrastructure, including segmentation, remote access, identity, monitoring, resilience and incident response capabilities. Review OT architecture, asset inventories, data flows, firewall rules, network zones and conduits. Identify security gaps, operational risks, vulnerabilities and control … senior business stakeholders. Produce high-quality client deliverables, including assessment reports, risk registers, maturity scorecards, architecture recommendations and implementation roadmaps. Contribute to OT incident response planning, tabletop exercises, cyber resilience testing and recovery planning. Support pre-sales activity, including solution shaping, proposal input and client presentations where required. ...

system environments. This role sits within a Security Operations function but is heavily engineering focused, combining hands on OT security tooling, detection engineering and incident response to strengthen resilience across critical infrastructure. Key Responsibilities: Act as the OT security engineering SME, supporting both operational and project based activities … equivalent) Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points Lead technical investigations and incident response for OT-related cyber events Analyse industrial network traffic to identify anomalies, threats and protocol misuse Integrate OT telemetry into SIEM ...

network estate (including Cisco Meraki). The role is hands-on and operational, partnering with IT teams to implement security controls, support monitoring and incident response through Sophos MDR, and improve cyber resilience by supporting Disaster Recovery (DR) testing and Business Continuity (BC) readiness. Key Responsibilities Cloud Security … ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration with MDR analysts. Maintain coverage ...

clients—from fast-growing organizations to large enterprise and public sector environments. Our security function supports clients through capabilities such as Managed Detection and Response (MDR), threat hunting, vulnerability management, penetration testing, and incident response, alongside advisory-led consulting engagements. The organization is experiencing strong growth … cyber threats across varied environments. You will support and mentor junior analysts, lead complex investigations, and contribute to the ongoing development of detection and response capabilities. This role is suited to a security professional with a solid technical background, a collaborative approach, and an interest in progressing into leadership ...

support). Monitor, analyse, and investigate network traffic and emerging threats, including active DDoS activity. Support customer maintenance, upgrades, and technical communications. Contribute to incident response and post-incident reviews that sharpen our detection and mitigation playbooks. Work within ITIL processes (Incident, Change, Problem, Service Requests … A+, Network+, Security+, CySA+, or CyberOps. If youre early in your career and hungry to build deep expertise in network security, traffic analysis, and incident response, this role was designed for you. Bright Purple is an equal opportunities employer: we are proud to work with clients who share ...

business continuity requirements. Drive accountability by maintaining clear roles, responsibilities and escalation paths across IT and business teams, ensuring a coordinated and effective response during incidents. Review test outcomes, identify lessons learned and champion continuous improvement initiatives that enhance resilience and recovery capability across the organisation. Monitor and assess … continuity dependencies. Provide meaningful governance, reporting and assurance to senior stakeholders on DR and BC readiness, resilience posture, identified risks and remediation activity. Ensure incident response, cyber resilience and major incident management processes integrate seamlessly with the wider DR and BC framework. Act as a key leader ...

cyber assurance integrates Knowledge of methodologies (Waterfall, Incremental, SAFE, DevOps) Experienced in managing ITHC activities end-to-end, from initial scoping through remediation Incident Response & Awareness Experienced in developing and managing Cyber Incident Response capabilities, including planning, implementation, and continuous improvement Proven experience designing and delivering ...

mature Security Operations Centre, focused on protecting essential services. The Opportunity You'll play a key role in real-time threat detection and response, working across a complex enterprise environment. This position combines SOC operations, threat hunting, and continuous improvement, giving you the chance to influence detection capability … response maturity. What You'll Be Doing Monitoring & Triage Analyse and triage security alerts using SIEM platforms Correlate events and identify patterns across multiple data sources Assess severity, scope, and business impact Investigation & Analysis Conduct detailed investigations across endpoint, network, identity, and log data Build evidence-led timelines ...

integration and performance testing for all components Ensure solutions are reliable, reproducible and stable across releases Support continuous improvement of testing practices Monitoring and Incident Response Implement observability and monitoring tooling Track system performance and detect anomalies Support incident response, troubleshooting and root cause analysis ...

Risk & Compliance: Ensure adherence to DSPT, CAF, CE+, ISO 27001, GDPR/DPA. Security by Design: Support secure architecture, systems design, and resilience planning. Incident Response: Act as primary escalation point; lead investigations and remediation. Policy & Process: Develop and enforce security policies and technical controls. Threat & Vulnerability Management … supplier security assessments. Familiarity with CAF, CE+, NIST, CIS Controls, ISO 27001. Understanding of healthcare data protection, ideally NHS/UK standards. Strong incident response, analytical, and problem-solving skills. Knowledge of AI/ML risks and AI governance. Experience with phishing campaigns, penetration testing, and remediation. Excellent ...

practical, proportionate security advice to stakeholders. Reporting & Metrics Develop and maintain meaningful metrics to measure the effectiveness of vulnerability management and threat intelligence functions. Incident Response Support Support and enhance incident response processes. Represent cyber security during operational incidents, coordinate with stakeholders, and assist threat intelligence ...

Essential Experience Proven experience leading a Security Operations Centre (SOC/NSOC) or cyber security function within a complex organisation. Experience in security operations, incident response, risk management, and service delivery. Experience maintaining compliance with standards such as ISO 27001 and Cyber Essentials Plus. Experience managing third-party … Ability to engage effectively with senior stakeholders and communicate technical issues in business terms. Technical Knowledge Strong understanding of cyber security operations, threat detection, incident response, and security monitoring. Good knowledge of network infrastructure, cloud technologies, and endpoint security. Experience with Microsoft Azure, Microsoft Sentinel, Microsoft Defender ...

project outcomes within agreed SLAs. Operational Excellence Accountable for the operational integrity of WAN, LAN, Wi-Fi, and cloud-based network services. Oversee incident response, troubleshooting, and root cause analysis for complex network issues, ensuring timely resolution and minimal business impact. Owner of network device configuration management, backup … network security baselines, compliance with internal policies, and external standards (e.g., ISO 27001, NIST CSF). Collaborate with the Security team on vulnerability management, incident response, and audit readiness. Supplier & Stakeholder Management Act as the primary technical authority with network service providers and hardware vendors, accountable ...

play a key role in a growing SecOps function protecting a modern Microsoft and cloud environment. This is a highly technical role focused on incident response, SIEM optimisation, vulnerability management, and security engineering, helping drive a Zero Trust journey and supporting ISO 27001 & CIS controls. What … doing Lead and support incident response, threat monitoring and root-cause analysis Tune and optimise SIEM & CrowdStrike EDR for maximum effectiveness Drive vulnerability management, remediation and risk reduction Secure cloud and infrastructure across Intune, Entra ID, Palo Alto, Cisco ISE, Mimecast and more Implement key security controls including ...

your background and interests, your work may include: Reviewing security maturity against recognised good practice Supporting Cyber Essentials preparation and assessments Developing and testing incident response plans Carrying out tabletop and simulated incident exercises Assessing and improving supply chain security Advising on secure application and software development … love to hear from you. Apply now and send over your CV for a quick review. Security, Cyber, Cybersecurity, Infosec, Information Security, Incident Response, IR, Consult, Consultant, Consulting, Compliance, 27001, GDPR, DPA, Data Protection, GRC, Governance, Risk Circle Recruitment is acting as an Employment Agency in relation ...

infrastructure, implementing and overseeing risk management processes, ensuring that appropriate controls and countermeasures are in place to mitigate all identified risks. Lead the incident response efforts, including preparing for, detecting, and responding to cyber security incidents, ensure that an effective incident response plan is in place … regularly tested and managing post incident analysis and reporting to prevent future occurrences. Manage and mentor the cyber security team, fostering a culture of continuous learning and development, ensuring that the team has the necessary skills and tools to protect the organisation effectively, and oversee recruitment, training, and performance ...